<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>HTTPS Node.js v0.10.35 Manual &amp; Documentation</title>
  <link rel="stylesheet" href="assets/style.css">
  <link rel="stylesheet" href="assets/sh.css">
  <link rel="canonical" href="http://nodejs.org/api/https.html">
  <script type="text/javascript" src="//use.typekit.net/mse5tqx.js"></script>
  <script type="text/javascript">try{Typekit.load();}catch(e){}</script>
</head>
<body class="alt apidoc int docs" id="docs">
    <div id="nav">
      <img id="logo" src="assets/logo.svg" alt="node.js">
      <ul>
        <li><a href="http://nodejs.org">Home</a></li>
        <li><a href="http://nodejs.org/download/">Downloads</a></li>
        <li class="active"><a href="http://nodejs.org/documentation/">Docs</a></li>
        <li><a href="http://nodejs.org/community/">Community</a></li>
        <li><a href="http://nodejs.org/about/">About</a></li>
        <li><a href="http://jobs.nodejs.org">Jobs</a></li>
        <li><a href="http://blog.nodejs.org">Blog</a></li>
      </ul>
    </div>
    <div id="content-wrap">
    <div id="content" class="clearfix">
      <div id="column2" class="interior">
        <!--<img src="/images/logo-light.svg" alt="node.js" width="170">-->
        <ul class="docs-nav">
          <li><a href="http://nodejs.org/documentation/">About Docs</a></li>
          <li><a href="http://nodejs.org/documentation/tutorials/">Tutorials</a></li>
          <li><a href="http://nodejs.org/documentation/contributing/">Contributing</a></li>
          <li><a href="http://nodejs.org/documentation/localization/">Localization</a></li>
          <li class="active"><a href="http://nodejs.org/api/">API Docs</a></li>
        </ul>
      </div>
        <div id="column1" class="interior">
          <header>
            <h1>Node.js v0.10.35 Manual &amp; Documentation</h1>
            <div id="gtoc">
              <p>
                <a href="index.html" name="toc">Index</a> |
                <a href="all.html">View on single page</a> |
                <a href="https.json">View as JSON</a>
              </p>
            </div>
            <hr>
          </header>

          <div id="toc">
            <h2>Table of Contents</h2>
            <ul>
<li><a href="#https_https">HTTPS</a><ul>
<li><a href="#https_class_https_server">Class: https.Server</a></li>
<li><a href="#https_https_createserver_options_requestlistener">https.createServer(options, [requestListener])</a><ul>
<li><a href="#https_server_listen_port_host_backlog_callback">server.listen(port, [host], [backlog], [callback])</a></li>
<li><a href="#https_server_listen_path_callback">server.listen(path, [callback])</a></li>
<li><a href="#https_server_listen_handle_callback">server.listen(handle, [callback])</a></li>
<li><a href="#https_server_close_callback">server.close([callback])</a></li>
</ul>
</li>
<li><a href="#https_https_request_options_callback">https.request(options, callback)</a></li>
<li><a href="#https_https_get_options_callback">https.get(options, callback)</a></li>
<li><a href="#https_class_https_agent">Class: https.Agent</a></li>
<li><a href="#https_https_globalagent">https.globalAgent</a></li>
</ul>
</li>
</ul>

          </div>

          <div id="apicontent">
            <h1>HTTPS<span><a class="mark" href="#https_https" id="https_https">#</a></span></h1>
<pre class="api_stability_3">Stability: 3 - Stable</pre><p>HTTPS is the HTTP protocol over TLS/SSL. In Node this is implemented as a
separate module.

</p>
<h2>Class: https.Server<span><a class="mark" href="#https_class_https_server" id="https_class_https_server">#</a></span></h2>
<p>This class is a subclass of <code>tls.Server</code> and emits events same as
<code>http.Server</code>. See <code>http.Server</code> for more information.

</p>
<h2>https.createServer(options, [requestListener])<span><a class="mark" href="#https_https_createserver_options_requestlistener" id="https_https_createserver_options_requestlistener">#</a></span></h2>
<p>Returns a new HTTPS web server object. The <code>options</code> is similar to
<a href="tls.html#tls_tls_createserver_options_secureconnectionlistener">tls.createServer()</a>.  The <code>requestListener</code> is a function which is
automatically added to the <code>&#39;request&#39;</code> event.

</p>
<p>Example:

</p>
<pre><code>// curl -k https://localhost:8000/
var https = require(&#39;https&#39;);
var fs = require(&#39;fs&#39;);

var options = {
  key: fs.readFileSync(&#39;test/fixtures/keys/agent2-key.pem&#39;),
  cert: fs.readFileSync(&#39;test/fixtures/keys/agent2-cert.pem&#39;)
};

https.createServer(options, function (req, res) {
  res.writeHead(200);
  res.end(&quot;hello world\n&quot;);
}).listen(8000);</code></pre>
<p>Or

</p>
<pre><code>var https = require(&#39;https&#39;);
var fs = require(&#39;fs&#39;);

var options = {
  pfx: fs.readFileSync(&#39;server.pfx&#39;)
};

https.createServer(options, function (req, res) {
  res.writeHead(200);
  res.end(&quot;hello world\n&quot;);
}).listen(8000);</code></pre>
<h3>server.listen(port, [host], [backlog], [callback])<span><a class="mark" href="#https_server_listen_port_host_backlog_callback" id="https_server_listen_port_host_backlog_callback">#</a></span></h3>
<h3>server.listen(path, [callback])<span><a class="mark" href="#https_server_listen_path_callback" id="https_server_listen_path_callback">#</a></span></h3>
<h3>server.listen(handle, [callback])<span><a class="mark" href="#https_server_listen_handle_callback" id="https_server_listen_handle_callback">#</a></span></h3>
<p>See <a href="http.html#http_server_listen_port_hostname_backlog_callback">http.listen()</a> for details.

</p>
<h3>server.close([callback])<span><a class="mark" href="#https_server_close_callback" id="https_server_close_callback">#</a></span></h3>
<p>See <a href="http.html#http_server_close_callback">http.close()</a> for details.

</p>
<h2>https.request(options, callback)<span><a class="mark" href="#https_https_request_options_callback" id="https_https_request_options_callback">#</a></span></h2>
<p>Makes a request to a secure web server.

</p>
<p><code>options</code> can be an object or a string. If <code>options</code> is a string, it is
automatically parsed with <a href="url.html#url.parse">url.parse()</a>.

</p>
<p>All options from <a href="http.html#http_http_request_options_callback">http.request()</a> are valid.

</p>
<p>Example:

</p>
<pre><code>var https = require(&#39;https&#39;);

var options = {
  hostname: &#39;encrypted.google.com&#39;,
  port: 443,
  path: &#39;/&#39;,
  method: &#39;GET&#39;
};

var req = https.request(options, function(res) {
  console.log(&quot;statusCode: &quot;, res.statusCode);
  console.log(&quot;headers: &quot;, res.headers);

  res.on(&#39;data&#39;, function(d) {
    process.stdout.write(d);
  });
});
req.end();

req.on(&#39;error&#39;, function(e) {
  console.error(e);
});</code></pre>
<p>The options argument has the following options

</p>
<ul>
<li><code>host</code>: A domain name or IP address of the server to issue the request to.
Defaults to <code>&#39;localhost&#39;</code>.</li>
<li><code>hostname</code>: To support <code>url.parse()</code> <code>hostname</code> is preferred over <code>host</code></li>
<li><code>port</code>: Port of remote server. Defaults to 443.</li>
<li><code>method</code>: A string specifying the HTTP request method. Defaults to <code>&#39;GET&#39;</code>.</li>
<li><code>path</code>: Request path. Defaults to <code>&#39;/&#39;</code>. Should include query string if any.
E.G. <code>&#39;/index.html?page=12&#39;</code></li>
<li><code>headers</code>: An object containing request headers.</li>
<li><code>auth</code>: Basic authentication i.e. <code>&#39;user:password&#39;</code> to compute an
Authorization header.</li>
<li><code>agent</code>: Controls <a href="#https_class_https_agent">Agent</a> behavior. When an Agent is used request will
default to <code>Connection: keep-alive</code>. Possible values:<ul>
<li><code>undefined</code> (default): use <a href="#https_https_globalagent">globalAgent</a> for this host and port.</li>
<li><code>Agent</code> object: explicitly use the passed in <code>Agent</code>.</li>
<li><code>false</code>: opts out of connection pooling with an Agent, defaults request to
<code>Connection: close</code>.</li>
</ul>
</li>
</ul>
<p>The following options from <a href="tls.html#tls_tls_connect_options_callback">tls.connect()</a> can also be specified. However, a
<a href="#https_https_globalagent">globalAgent</a> silently ignores these.

</p>
<ul>
<li><code>pfx</code>: Certificate, Private key and CA certificates to use for SSL. Default <code>null</code>.</li>
<li><code>key</code>: Private key to use for SSL. Default <code>null</code>.</li>
<li><code>passphrase</code>: A string of passphrase for the private key or pfx. Default <code>null</code>.</li>
<li><code>cert</code>: Public x509 certificate to use. Default <code>null</code>.</li>
<li><code>ca</code>: An authority certificate or array of authority certificates to check
the remote host against.</li>
<li><code>ciphers</code>: A string describing the ciphers to use or exclude. Consult
<a href="http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT">http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT</a> for
details on the format.</li>
<li><code>rejectUnauthorized</code>: If <code>true</code>, the server certificate is verified against
the list of supplied CAs. An <code>&#39;error&#39;</code> event is emitted if verification
fails. Verification happens at the connection level, <em>before</em> the HTTP
request is sent. Default <code>true</code>.</li>
<li><code>secureProtocol</code>: The SSL method to use, e.g. <code>TLSv1_method</code> to force
TLS version 1. The possible values depend on your installation of
OpenSSL and are defined in the constant <a href="http://www.openssl.org/docs/ssl/ssl.html#DEALING_WITH_PROTOCOL_METHODS">SSL_METHODS</a>.</li>
</ul>
<p>In order to specify these options, use a custom <code>Agent</code>.

</p>
<p>Example:

</p>
<pre><code>var options = {
  hostname: &#39;encrypted.google.com&#39;,
  port: 443,
  path: &#39;/&#39;,
  method: &#39;GET&#39;,
  key: fs.readFileSync(&#39;test/fixtures/keys/agent2-key.pem&#39;),
  cert: fs.readFileSync(&#39;test/fixtures/keys/agent2-cert.pem&#39;)
};
options.agent = new https.Agent(options);

var req = https.request(options, function(res) {
  ...
}</code></pre>
<p>Or does not use an <code>Agent</code>.

</p>
<p>Example:

</p>
<pre><code>var options = {
  hostname: &#39;encrypted.google.com&#39;,
  port: 443,
  path: &#39;/&#39;,
  method: &#39;GET&#39;,
  key: fs.readFileSync(&#39;test/fixtures/keys/agent2-key.pem&#39;),
  cert: fs.readFileSync(&#39;test/fixtures/keys/agent2-cert.pem&#39;),
  agent: false
};

var req = https.request(options, function(res) {
  ...
}</code></pre>
<h2>https.get(options, callback)<span><a class="mark" href="#https_https_get_options_callback" id="https_https_get_options_callback">#</a></span></h2>
<p>Like <code>http.get()</code> but for HTTPS.

</p>
<p><code>options</code> can be an object or a string. If <code>options</code> is a string, it is
automatically parsed with <a href="url.html#url.parse">url.parse()</a>.

</p>
<p>Example:

</p>
<pre><code>var https = require(&#39;https&#39;);

https.get(&#39;https://encrypted.google.com/&#39;, function(res) {
  console.log(&quot;statusCode: &quot;, res.statusCode);
  console.log(&quot;headers: &quot;, res.headers);

  res.on(&#39;data&#39;, function(d) {
    process.stdout.write(d);
  });

}).on(&#39;error&#39;, function(e) {
  console.error(e);
});</code></pre>
<h2>Class: https.Agent<span><a class="mark" href="#https_class_https_agent" id="https_class_https_agent">#</a></span></h2>
<p>An Agent object for HTTPS similar to <a href="http.html#http_class_http_agent">http.Agent</a>.  See <a href="#https_https_request_options_callback">https.request()</a>
for more information.


</p>
<h2>https.globalAgent<span><a class="mark" href="#https_https_globalagent" id="https_https_globalagent">#</a></span></h2>
<p>Global instance of <a href="#https_class_https_agent">https.Agent</a> for all HTTPS client requests.

</p>

          </div>
        </div>
    </div>
    </div>
    <div id="footer">
      <div class="foot-1">
        <a href="http://www.joyent.com"><h5>The Node.js Project is Sponsored by</h5>
        <img src="assets/joyent-footer.svg" width="200">
        <p class="tag">Production Node +<br>High Performance Infrastructure</p></a>
        <a href="https://my.joyent.com/landing/signup/701800000015696" class="button getstarted">Get Started</a>
      </div>
      <div class="foot-2">
        <div class="foot-nav">
          <ul>
            <li><a href="http://nodejs.org/download/">Downloads</a></li>
          </ul>
          <ul>
            <li><a href="http://nodejs.org/documentation/">Documentation</a></li>
            <li><a href="http://nodejs.org/api/">API Docs</a></li>
            <li><a href="http://nodejs.org/documentation/tutorials/">Tutorials</a></li>
            <li><a href="http://nodejs.org/documentation/localization/">Localization</a></li>
          </ul>
          <ul>
            <li><a href="http://nodejs.org/community/">Community</a></li>
            <li><a href="https://github.com/joyent/node/issues">Github Issues</a></li>
            <li><a href="http://groups.google.com/group/nodejs">Mailing List</a></li>
            <li><a href="http://webchat.freenode.net/?channels=node.js">IRC</a></li>
            <li><a href="https://twitter.com/nodejs">Twitter</a></li>
          </ul>
          <ul>
            <li><a href="http://nodejs.org/about/">About</a></li>
            <li><a href="http://nodejs.org/about/organization/">Organization</a></li>
            <li><a href="http://nodejs.org/about/core-team/">Core Team</a></li>
            <li><a href="http://nodejs.org/about/resources/">Resources</a></li>
          </ul>
          <ul>
            <li><a href="http://blog.nodejs.org">Blog</a></li>
          </ul>
        </div>
        <p class="copyright">Copyright 2014 <a href="http://joyent.com/">Joyent, Inc</a>, Node.js is a <a href="https://nodejs.org/images/trademark-policy.pdf">trademark</a> of Joyent, Inc. <a href="https://raw.github.com/joyent/node/v0.10.35/LICENSE">View license</a>.</p>
      </div>
    </div>

  <script src="/sh_main.js"></script>
  <script src="/sh_javascript.min.js"></script>
  <script>highlight(undefined, undefined, 'pre');</script>
  <script>
    window._gaq = [['_setAccount', 'UA-10874194-2'], ['_trackPageview']];
    (function(d, t) {
      var g = d.createElement(t),
          s = d.getElementsByTagName(t)[0];
      g.src = '//www.google-analytics.com/ga.js';
      s.parentNode.insertBefore(g, s);
    }(document, 'script'));
  </script>
</body>
</html>

